I . Amendments tQ/the Claims 

Please ame^fd the claims as follows with the following 
version of tl>B claims in accordance with revised 37 CFR § 

1.121- 
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(Canceled) 



7. (Canceled) 




8. (Canceled) 



10. (Canceled) 
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1\. (Amended) A method for enabling a program written in 

untested code to access a native operating system resource, 
comprr&ing the steps of: 

havaSng a trusted login service listen on a named pipe for 
login r equests for login cr e dentials ; 

respons^iW to a login request, wherein the lo gin request 
contains an identifier for a uniquelv-name d response pipe, 
having the trusted\ogin service request a native operating 
system identifier; 

returning to the program via the uni auelv-named -ar 
response pipe the native operating system identifier, wherein 
the uniauelv-named response p\pe and the n amed pipe are not 
identical ; 

in an authentication frameworl^, using the native 
operating system identifier to createya credential object; and 

using the credential object to log^ga to the native 
operating system to enable the program to>access the resource 



12. (Amended) The method as described in d^aim 11 wherein 

the native operating system supports named -pipe severs . ire 
Windows NT. 
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13. ^(Amended) The method as described in claim 12 wherein 

the program is written in an interpreted -a — language selected 
\ 

from Javk, — Activ e X, — and Visual Basic . 
\ 

\ 

\ 

\ 

\ 

\ 

14. (Original) The method as described in claim 11 wherein 

\ 

the authentication framework is a pluggable authentication 

\ 

mechanism (PAM) having a set of application programming 
interfaces (APIs) . ^ 



st^pc 



15. (Original) The metftpd as described in claim 14 wherein 

\ 

the set of application programming interfaces include login, 
commit, abort and logout APIs 

16. (Amended) The method as described in claim 14 wherein 
the authentication framework is compliancy complaint w ith an 
authentication service of a virtual machineX a Java 
Authentication Servic e . 
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17 . N (X{Ti 



code to access a native operating system resource, the 
\ 



ended) A computer program product in a computer 

readableNnedium for enabling a program written in untrusted 

computer progrkm product comprising the steps of 

means for listening on a named pipe by a trusted login 

\ 

service for login Vequests ; 

\ 

means responsive to a login request for requesting a 
native operating system identifier by the trusted login 
service, wherein the lo\in request contains an identifier for 
a uniquely-named response\pipe, ; 

means for returning to\the program via the uniquely-named 

response pipe the native operating system identifier, wherein 

\ 

the uniquely-named response pi&e and the named pipe are not 

identical ; \ 
\ 

\ 

in an authentication framework, using the native 

\ 

\ 

operating system identifier to create a credential object; and 

\ 

using the credential object to Idgin to the native 

\ 

operating system to enable the program to access the resource.- 

\ 

\ 

m e ans for listening for r e qu e sts for login credentials 1 ; - 

\ 

means r e sponsive to a login requ e st f<^y making a r e qu e st 

for a nativ e operating system id e ntifi e r, \ 

m e ans for sending th e native operating syfetera id e ntifi e r - 

to th e program, \ N 



Page 6 

Nadalin et al . - 09/321,788 



.m e ans for using the nativ e operating system identifier to 
ere '§t"t~e a c r 'edential objec t-; — and 

meVns for using th e credential object to login to th e 

native o^rating syst e m to e nable the program to access the 
resource . \ 



\ 



\ 



\ 



18. (Amended) \^ The computer program product as described 

in claim 17 where\n the program executes in a virtual machine 

\ 

supported by the na\ive operating system is a Java program a nd 
the native operating \ystem supports named-pipe servers. ^ 
Windows NT, 




19. (Amended) The computer program product as described 

in claim 17 wherein the program is written in an interpreted 
language, the means for listening step is a login service. 



20. (Amended) The computer program product as described 

in claim 17 wherein the authentication framework is compliant 
with an authentication service of a virtual machine. 
th e cred e ntial object is created in an authentication 
fram e work . 



Page 7 

Nadalin et al . - 09/321,788 



21. (Amended) An application server, comprising: 

a set of Java™ p rograms that are supported by a virtual 

machine thai: is supported bv a native operating system ; 
\ 

a processor running the ^ t— native operating system 
\ 

providing support for executing the set of Java - p rograms ; and 

means for enabling each Java p rogram in the set of 
\ 

■^ programs to run in a\ operating system thread while 
impersonating - a-s— a different native operating system user in 
accordance with a token that was crea ted during a login 
operation in the native operating system and that was 
associated with a program whilk the program was acting as a 
named-pipe server to listen for login response on a named 
pipe that was uniquely created f or \ login r equest to obtain 
the token, wherein the login request Contained an identifier 
for the named pipe . 



22. (Amended) The application server as described in 

claim 21 wherein the native operating system supports 
named-pipe servers, is Windows NT. 
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23. (Amende^ The application server as described in 
claim 21 further Ih^luding a server application executed by 
the processor for recervdng a request for service from a 
client machine and initiatin^execution of a program in the 
set of programs o ne of th e Java prbgrams in a given operating 
system thread. 
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